From adc4a3a4b0b78a2ab910685d138e0e598fc0edc7 Mon Sep 17 00:00:00 2001 From: Kevin McKinney Date: Thu, 23 Feb 2012 23:41:05 -0500 Subject: [PATCH] Staging: bcm: fix possible NULL dereference of psfLocalSet in CmHost.c Variable psfLocalSet may not follow the correct path in the code, and therefore may not be set properly. As such, causing a null dereference. Signed-off-by: Kevin McKinney Signed-off-by: Greg Kroah-Hartman --- drivers/staging/bcm/CmHost.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/drivers/staging/bcm/CmHost.c b/drivers/staging/bcm/CmHost.c index 522d0052e839..e332f1e7c11e 100644 --- a/drivers/staging/bcm/CmHost.c +++ b/drivers/staging/bcm/CmHost.c @@ -1839,7 +1839,13 @@ BOOLEAN CmControlResponseMessage(PMINI_ADAPTER Adapter, /* PackInfo[uiSearchRuleIndex].bActive = TRUE; } - if (psfLocalSet->bValid && (pstChangeIndication->u8CC == 0)) { + if (!psfLocalSet) { + BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "No set is valid\n"); + Adapter->PackInfo[uiSearchRuleIndex].bActive = FALSE; + Adapter->PackInfo[uiSearchRuleIndex].bValid = FALSE; + Adapter->PackInfo[uiSearchRuleIndex].usVCID_Value = 0; + kfree(pstAddIndication); + } else if (psfLocalSet->bValid && (pstChangeIndication->u8CC == 0)) { Adapter->PackInfo[uiSearchRuleIndex].usVCID_Value = ntohs(pstChangeIndication->u16VCID); BCM_DEBUG_PRINT(Adapter, DBG_TYPE_PRINTK, 0, 0, "CC field is %d bvalid = %d\n", pstChangeIndication->u8CC, psfLocalSet->bValid);